Solved

How to get mountd to pass through checkpoint firewall

Posted on 2010-11-25
4
2,148 Views
Last Modified: 2012-05-10
Hi All,

would someone be able to tell me how do I get NFS ports (particularly mountd) to pass through a Checkpoint R70 firewall? They are being blocked by Implied rules.

Ideally I'd like to be able to do this without changing the order in which the implied rules are applied to my rule base but if thats the only way then I'd like to find out what the repercussions could be on the rest of my rules.

Many thanks!
0
Comment
Question by:yellowteam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 78

Expert Comment

by:arnold
ID: 34215160
You should configure a VPN (remote) connection and access the NFS over the VPN.

Opening ports for NFS:
http://forums.freebsd.org/showthread.php?t=5123

There are different options depending on which NFS mode you use nfs3, or 4.
0
 

Author Comment

by:yellowteam
ID: 34215612
Hi there, sorry I should have mentioned that this is between two internal networks that are seperated by this firewall
0
 
LVL 78

Accepted Solution

by:
arnold earned 500 total points
ID: 34218199
You would then need to setup a set of rules on the firewall to allow the  UDP/TCP traffic between the interface segments outlined in the link from the earlier post.

sunrpc            111/tcp         rpcbind      #SUN Remote Procedure Call
sunrpc            111/udp         rpcbind      #SUN Remote Procedure Call
nfsd-status      1110/tcp   #Cluster status info
nfsd-keepalive      1110/udp   #Client status info
nfsd            2049/tcp   nfs            # NFS server daemon
nfsd            2049/udp   nfs            # NFS server daemon
lockd            4045/udp   # NFS lock daemon/manager
lockd            4045/tcp

0
 

Author Comment

by:yellowteam
ID: 34218561
Hi There
Thanks for that, I've now gotten it working
0

Featured Post

Webinar June 1st - Attacking Ransomware  

The global cyberattack that corrupted hundreds of thousands of computer systems on May 12th had a face, name, & price tag that we’ve seen all too often in recent years: Ransomware. With the stakes – and costs – of a ransomware attack higher than ever, is your business prepared ?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Does Cisco ASA 5506-X have full dmz capabilities 3 165
Cisco VPN client v5 migration to Anyconnect VPN? 8 84
TZ400 2 43
How to migrate from Juniper srx to pan 7.x? 2 36
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question